Default set enabled property to false for deleteToolButton and
copyToolButton because no item is selected.
Change-Id: I99bfb572abb9bc38cbf49c6b1fabdeefac4f8d90
Reviewed-on: https://code.wireshark.org/review/29951
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Default set enabled property to false for deleteToolButton and
copyToolButton because no item is selected.
Change-Id: I6ead2fa17cf1fd5bc165526fb76d104af6d5234d
Reviewed-on: https://code.wireshark.org/review/29949
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
* UCC-REQ does not contain any Annex C TLVs
* Align INFO field for UCC REQ and RSP to similar DOCSIS packets
Change-Id: I2cdad12aaf5036b9130c8af3d131ee3a6b317923
Reviewed-on: https://code.wireshark.org/review/29948
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
For Data frames with ToDs=1|FromDS=1 and a Frame body containing A-MSDU,
the Addr3 and Addr4 fields are not Destination/Source addresses (DA/SA),
but BSSID/BSSID. Use the RA/TA fields for the Hw Dest/Src columns and
add another BSSID field for Addr4 (should match Addr3, but in theory the
wire format could have different values).
While at it, fix the A-MSDU case for other cases to match 802.11-2016
Table 9-26 Address field contents. The "Short A-MSDU" case as used by
DNG STAs are not handled here though.
Tested against a capture with MSDU frames (all but ToDS=1|FromDS=1) and
the test case from the linked bug.
Bug: 15144
Change-Id: Ic832d7cd7b8e05a1408353cb79c07efed0fb19cc
Reviewed-on: https://code.wireshark.org/review/29935
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The returned offset must be non-zero or the data dissector is invoked.
Change-Id: Iaff6e1f19fc94e17b41ad06a8be491fbec4835ba
Fixes: v2.9.0rc0-1797-g91c5942c93 ("QUIC: implement packet coalescing (draft >= 11)")
Reviewed-on: https://code.wireshark.org/review/29945
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
That puts the two arguments to fill in - the wtap_rec and the Buffer -
together.
Change-Id: I8850a7aaccc98e5acd292e3cebc1f37cee8a6ce7
Reviewed-on: https://code.wireshark.org/review/29946
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It's a blob of bytes, so the right type is guint8 *, not guchar *.
Change-Id: I74afa95da1e14866af68f1580cfbccd55f08ed65
Reviewed-on: https://code.wireshark.org/review/29944
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It's a blob of bytes, so the right type is guint8 *, not guchar *.
(Yes, in practice, they're both typedefs for "unsigned char" - sadly,
C's data types didn't make a distinction between "byte-sized integral
value" and "character" - but given that we have different names, let's
use them to make it clearer what's being done.)
Change-Id: Idb10a208877c84df0432043d69d4aff5a2b2f803
Reviewed-on: https://code.wireshark.org/review/29943
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We use the per-file encapsulation everywhere else; use it there as well.
Change-Id: I3e3df234a9f541a9d90e54a3c0f41b5019e00bb3
Reviewed-on: https://code.wireshark.org/review/29940
Reviewed-by: Guy Harris <guy@alum.mit.edu>
wtap_read() clears it for you.
Change-Id: I736509d54ff385e5b80e9393aeb91c6473b02824
Reviewed-on: https://code.wireshark.org/review/29939
Reviewed-by: Guy Harris <guy@alum.mit.edu>
There's no need to set *err to 0; it's set by stanag4607_read_file().
There's no need for an intermediate variable to hold the current file
offset; just assign it directly to *data_offset.
Change-Id: I24bd1c349dd48576a65cc36228a680134427bba5
Reviewed-on: https://code.wireshark.org/review/29938
Reviewed-by: Guy Harris <guy@alum.mit.edu>
To prevent potential interference with other users of the capture file,
read data in a private buffer instead of reusing the one from capFile.
Change-Id: I6d689440e0cc13ef522e874fd8e5795a97a6aca7
Reviewed-on: https://code.wireshark.org/review/29922
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
To prevent potential interference with other users of the capture file,
read data in a private buffer instead of reusing the one from capFile.
An accidental (?) change in commit v2.9.0rc0-2001-g123bcb0362 resulted
in "cf_read_record" reallocating the capture_file->buf buffer. That
issue combined with the current behavior would result in a crash when
ignoring a packet followed by two times opening a context menu:
==32187==ERROR: AddressSanitizer: heap-use-after-free on address 0x7fda91642800 at pc 0x55a98f3faaa7 bp 0x7fffa2807860 sp 0x7fffa2807858
READ of size 1 at 0x7fda91642800 thread T0
#0 0x55a98f3faaa6 in QByteArray::operator[](int) const /usr/include/qt/QtCore/qbytearray.h:476:47
#1 0x55a9901006eb in ByteViewText::drawLine(QPainter*, int, int) ui/qt/widgets/byte_view_text.cpp:370:35
#2 0x55a9900fd109 in ByteViewText::paintEvent(QPaintEvent*) ui/qt/widgets/byte_view_text.cpp:217:9
...
#50 0x55a98e9fd32a in PacketList::contextMenuEvent(QContextMenuEvent*) ui/qt/packet_list.cpp:614:15
...
0x7fda91642800 is located 0 bytes inside of 3038371-byte region [0x7fda91642800,0x7fda919284a3)
freed by thread T0 here:
#0 0x55a98e65fd99 in __interceptor_realloc (run/wireshark+0x1019d99)
#1 0x7fdac6e1bb88 in g_realloc /build/src/glib/glib/gmem.c:164
#2 0x7fdaac12c908 in wtap_read_packet_bytes wiretap/wtap.c:1368:2
#3 0x7fdaabf01e5a in libpcap_read_packet wiretap/libpcap.c:789:7
#4 0x7fdaabef887d in libpcap_seek_read wiretap/libpcap.c:690:7
#5 0x7fdaac12d5f5 in wtap_seek_read wiretap/wtap.c:1431:7
#6 0x55a98e6c8611 in cf_read_record_r file.c:1566:8
#7 0x55a98e6c88c5 in cf_read_record file.c:1576:10
#8 0x55a98ea0b725 in PacketList::getFilterFromRowAndColumn() ui/qt/packet_list.cpp:1041:14
#9 0x55a98e94e4a1 in MainWindow::setMenusForSelectedPacket() ui/qt/main_window_slots.cpp:1175:39
previously allocated by thread T0 here:
#0 0x55a98e65fd99 in __interceptor_realloc (run/wireshark+0x1019d99)
#1 0x7fdac6e1bb88 in g_realloc /build/src/glib/glib/gmem.c:164
#2 0x7fdaac12c908 in wtap_read_packet_bytes wiretap/wtap.c:1368:2
#3 0x7fdaabf01e5a in libpcap_read_packet wiretap/libpcap.c:789:7
#4 0x7fdaabef887d in libpcap_seek_read wiretap/libpcap.c:690:7
#5 0x7fdaac12d5f5 in wtap_seek_read wiretap/wtap.c:1431:7
#6 0x55a98e6c8611 in cf_read_record_r file.c:1566:8
#7 0x55a98e6c88c5 in cf_read_record file.c:1576:10
#8 0x55a98e6e0bde in cf_select_packet file.c:3777:8
#9 0x55a98e9ea2ff in PacketList::selectionChanged(QItemSelection const&, QItemSelection const&) ui/qt/packet_list.cpp:420:9
This should be fixed now by I4f1264a406a28c79491dcd77c552193bf3cdf62d,
but let's avoid the shared buffer. It's not exactly a hot code path
anyway.
Change-Id: I548d7293a822601f4eb882672477540f066a066b
Reviewed-on: https://code.wireshark.org/review/29921
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
See https://tools.ietf.org/html/draft-ietf-tls-certificate-compression-03
the value is TEMPORARY registered to IANA (registered 2018-05-23, expires 2019-05-23
Change-Id: I5a91ad4f1366cd7f0fa077677f227a66591494b6
Reviewed-on: https://code.wireshark.org/review/29796
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We initialized it, but only cleaned it up in an error code path, not in
the regular code path. That could leak memory.
Change-Id: Ic6689163ca58990fa5091b23e7ab2e0292eed76c
Reviewed-on: https://code.wireshark.org/review/29930
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We initialized it, but only cleaned it up in an error code path, not in
the regular code path. That could leak memory.
Change-Id: Icb5aa5b1a2df8919d8a4e54d88a5d865320bd279
Reviewed-on: https://code.wireshark.org/review/29929
Reviewed-by: Guy Harris <guy@alum.mit.edu>
They are used together; put them together.
Change-Id: I13ec1f37a9a141d3717bfde4db6f1b7e501fb794
Reviewed-on: https://code.wireshark.org/review/29928
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Let QByteArray own the memory instead of wmem to allow memory to be
released earlier.
Change-Id: Ibf6d1a56120d30daea76924b8006480854dcfbd3
Reviewed-on: https://code.wireshark.org/review/29923
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Show the warning about unknown colorfilters being disabled when
opening the "Coloring Rules..." dialog to make the user aware of
this before starting editing the rules.
The user may have corrected the filter and enabled it while having
the dialog open, and then this warning would be misleading.
Change-Id: Ic7f10495e5561bc2fea413c89cf9ebd187c8f113
Reviewed-on: https://code.wireshark.org/review/29909
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
When saving the colorfilters file, keep and disable unknown coloring
rules instead of removing them. The user may want to correct the syntax.
Change-Id: Ib27612a0601276b6ebbb467d7d253f3f72103d1c
Reviewed-on: https://code.wireshark.org/review/29908
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reset prefs.unknown_colorfilters in the beginning of read_filters_file()
to avoid a situation when the preference is set and never cleared.
This will end up with an error message in UI even when not having
unknown color filters.
Change-Id: I835dbc2a57f0be6889eb5bce250987dabd796e30
Reviewed-on: https://code.wireshark.org/review/29904
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
That way, we don't need a chunk of code in epan/prefs.c that knows about
various preference module mappings; individual dissectors can register
aliases as appropriate.
(The Nortel Discovery Protocol never *had* any preferences, even when
it was the SynOptics Network Management Protocol, so there's no need for
it to register an alias.)
Change-Id: I4a718dac6bb06801cc06a6ee5a28d7ed81e67e5d
Reviewed-on: https://code.wireshark.org/review/29914
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Make them obsolete preferences; if they had any use, it was with the
now-removed GTK+ UI.
Change-Id: I2b514148c8066c5c79cb402493f47a21d3679819
Reviewed-on: https://code.wireshark.org/review/29912
Reviewed-by: Guy Harris <guy@alum.mit.edu>
They're no longer used by any of the printing code; mark them as
obsolete.
Change-Id: Iceaf14f48f1bd35757a9a158a5348f6202b90fc7
Reviewed-on: https://code.wireshark.org/review/29911
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Issue was spotted because the bit used by wireshark in this field
didn't make sense, as same bit was being used by MS Power field.
According to spec "3GPP TS 44.004" section "7.2 SACCH uplink block format",
the field is located in bit 6 of the 1st octet.
Change-Id: Ia4390b79d9d2b3966c4ca69eda0bf1ae10be7398
Reviewed-on: https://code.wireshark.org/review/29893
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
current_stream_id is only defined when built with HAVE_NGHTTP2. One
option is to create the session with stream ID unconditionally. As the
subdissector (DoH) is chosen based on the Content-Type header and
parsing of such headers is only possible with nghttp2, don't bother.
Change-Id: Iefee65210974bf5b8b75c6870a0476567b6830e5
Fixes: v2.9.0rc0-2007-gcc69e09981 ("HTTP2: allow subdissectors to query the Stream ID")
Reviewed-on: https://code.wireshark.org/review/29896
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
../sharkd_session.c: In function ‘json_puts_string’:
../sharkd_session.c:125:20: warning: array subscript has type ‘char’ [-Wchar-subscripts]
fputs(json_cntrl[str[i]], stdout);
Change-Id: I03a07b8cb42692f636491fad9b15ac71ac0c03f4
Reviewed-on: https://code.wireshark.org/review/29883
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It should fix warning reported by Stig:
[...]/wireshark/sharkd_session.c:125:20: warning: array subscript is of type 'char' [-Wchar-subscripts]
fputs(json_cntrl[str[i]], stdout);
^~~~~~~
Change-Id: I9352174223644394ba2bf76f10ff3bf6b6abcad5
Reviewed-on: https://code.wireshark.org/review/29877
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add enough AVPs to get the Diameter XML validating again.
Also some whitespace and indentation cleanup.
Change-Id: Ibebfc8832d50f6347e371ca4b8c5b81548e061a8
Reviewed-on: https://code.wireshark.org/review/29898
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Obsoleting the gtk packages allows a clean upgrade to the Qt version (without
requiring the user to manually remove those packages).
Set the install prefix based on what the user set when running cmake (like
we did with autotools).
Change-Id: Ica283f40bc002951af4ff1f9d719295c0a598c3b
Reviewed-on: https://code.wireshark.org/review/29892
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Continue dissecting if we find an empty line. Add an entry for the
_SYSTEMD_USER_SLICE field.
Change-Id: Id6e970b785e359095fbd8101e071f2d8cabcaf53
Reviewed-on: https://code.wireshark.org/review/29897
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
We shouldn't set any rec_header.syscall_header fields in
pcapng_read_systemd_journal_export_block.
Change-Id: I920accdbcdcdbf6d71324c8d9d6d562511f6a9d1
Reviewed-on: https://code.wireshark.org/review/29895
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Handle DoH messages specially, use the HTTP/2 Stream ID for matching
requests with responses. Fixes misleading "retransmission" expert infos
and properly link (successive) requests with (out-of-order) responses.
Change the "Protocol" column to "DoH" while at it.
Change-Id: I42b22c5c8560ee029051dcb3561e188572a4245f
Ping-Bug: 14433
Reviewed-on: https://code.wireshark.org/review/29889
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Last version of Wireshark can not decode DynamicFramePacking
subframes. Changes are implemented to decode subframes.
Change-Id: Ifba011418a5211d9599c48d37597a16733dfafa8
Reviewed-on: https://code.wireshark.org/review/29882
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add the new elements introduced for OWE:
- OWE DH Parameter in the association request/response as specified in RFC 8110
- OWE Transition Mode element as specified in "Opportunistic Wireless Encryption Specification version 1.0" by the WiFi Alliance
Bug: 15146
Change-Id: I9b6c6de459899ce28c909bf79bdde431e50679c9
Reviewed-on: https://code.wireshark.org/review/29850
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
In case the TLS key log file is provided by means other than a file,
split the file reading part from the contents processing part. Adjust
the line handling logic to allow immutable strings. Stick to fgets to
avoid partial lines in case the read buffer is full.
Rename some SSL -> TLS while at it.
Change-Id: I28da96834833e6096074ce122a6ebc3484655d9f
Reviewed-on: https://code.wireshark.org/review/29890
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This will be used by the DNS dissector to distinguish different
request/response pairs over the same connection (for DoH).
Change-Id: I53721904b007847861807faa1a2137e696639428
Reviewed-on: https://code.wireshark.org/review/29888
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Stig Bjørlykke
Pau Espin